Utilities in JRButils v3.00 Part C Notes on NDS utilities The NDS programs retain all the functionality of their bindery counterparts, and except where noted provide the same functionality under NDS. Some common features are: o Each program uses /y to control how NDS names are displayed. The options are: c Canonical form d Canonical form with a leading period. This should be used when the output is to be used as input to another program. s Short form name u Replace spaces in names with underscores. This should be used when the output is to be used as input to another program. x Relative to the current context (the default) t May be used with any of the preceding options to force inclusion of types in the name o Each program will function in NDS mode on any server supporting NDS, otherwise it will use bindery mode. o Each program may be forced into bindery mode on an NDS server. o Each program which previously used the bindery HOME_DIR property to locate a user's home directory now uses the "Home Directory" attribute. If this does not exist, the program checks for a HOME_DIR bindery property. o Each program accepting a path as a parameter or option value, when used in NDS mode, allows volume objects or directory map objects to be used in the path. o These programs require the unicode files appropriate to your country setting and code page. These are usually located in the nls subdirectory of sys:public, but unless the utilities in Part C are placed in sys:public, the unicode files will not be found. The Novell-supplied code in the development kit searches for the unicode files as follows: o The curent directory o The first search drive o An nls subdirectory of the first search drive o An nls subdirectory of your current directory o Each of the search drives As the Part C programs will not perform NDS operations without the unicode files, you must place them in a location where they will be found. Some minor limitations under NDS are: o It is not possible to specify a tree name. You must specify the name of an NDS server if you want to perform an NDS operation when currently logged into a non-NDS server o /k does not function on NDS servers o The NDS aware programs may give incorrect relative names when you have two containers with the same name, one immediately below the other e.g. test.test.jrb. When names are expressed relative to test.jrb, the lower test container name may be omitted e.g. john.test.test.jrb is output as 'john' instead of 'john.test'. This is due to a bug in the SDK. o Partial names using a trailing period may not be expanded correctly again due to an SDK bug. These limitations will be removed or worked around in a future release. Those programs which do not yet have NDS support will do so in the next release. Chkhome In addition to the facilities in the bindery version, the NDS version has the following features: o Can also display each user's default server attribute o When /c is used, it also checks the "Home Directory" attribute for lowercase characters in the path. Netadmin allows a path to be specified in lowercase, but NetWare functions require DOS paths in uppercase. All JRButils convert the path to uppercase before using it. Creatobj In addition to the facilities in the bindery version, the NDS version has the following features: o Can create any type of NDS object o When creating users, all attributes are copied from the USER_TEMPLATE object if it exists in the context where the user is created. Creatobj also copies volume quotas from USER_TEMPLATE (which Uimport does not). An alternative template object may also be specified. o Can specify a time delay to occur after creating an NDS user, before attempting to create the home directory and grant rights to it. This gets around an NDS programming problem where a user creation request is directed to one server, the home directory is created on a second but the new user has not yet been replicated to that second server. An NDS request to create an object cannot be directed to a particular server. Deladdr Deladdr can be used to overcome a problem caused by bug in NW 4 where a user's network address is not removed from NDS at logout. When a user logs in, the network address of the workstation is added to the user's "Network address" attribute. The number of addresses in this attribute is used at login to determine the number of concurrent connections and whether the user has reached their limit. When addresses are not removed, a user may be told they have reached their connection limit when in fact they have not. Deladdr can be used to remove addresses where there is no corresponding login. Because the addresses cannot be linked back to the server to which the user connected, deladdr requires a list of servers to be scanned for connections with matching addresses to ensure addresses are not deleted for users currently logged in. Delobj The features are the same as the bindery based version. Dquota The features are the same as the bindery based version. Fsupdate The features are the same as the bindery based version. Getbal The NDS version has all the features of the bindery based version. It also allows the use of /x to process matching objects in the specified container AND all containers below it. Getquota The features are the same as the bindery based version. Getrest The NDS version has similar features to the bindery based version. The following points should be noted. o NW 4.x allows station restrictions to be set for protocols other than IPX. Getrest will display these with the exception of the Appletalk restrictions as Novell have not released details of the structure of the information returned for Appletalk restrictions. Currently filtering works only on IPX addresses. This limitation will be removed in a future release. o Getrest can process users in the specified container and all containers below it. o Getrest will use the value associated with a TZ environment variable to adjust date/time values to local time, if the variable is defined. The values for attributes such as last login time are stored in NDS in UTC (= GMT), and if a TZ variable is not defined, the values are displayed in the local time of the server to which you are connected. Grpadd The features are the same as the bindery based version. Grpdel The features are the same as the bindery based version. Grplist The features are the same as the bindery based version. Grpmemb The features are the same as the bindery based version. Home2 This is an NDS version of David Harris' HOME utility. It works under both bindery mode and NDS. In NDS mode it will check first for a "Home Directory" attribute, and if this does not exist, it will check for a bindery HOME_DIR property. It supports the /m option to map the current drive to the user's mail directory, and also allows /r to do a map root. Jrbpurge The features are the same as the bindery based version. Killconn The features are the same as the bindery based version. Killzero The NDS version has all the features of the bindery based version. In addition /m can be used to tell killzero to delete zero length files from the PMAIL subdirectory tree of each user's home directory. The NDS version of Pegasus Mail does not use the mail directories on SYS: Listobj In addition to the features of the bindery version, it has the following features: o Can list any type of NDS object in the nominated container o Can search all subordinates of the nominated container o Can search from [Root] Lscripts Lscripts operates under NW 2.x, 3.x and 4.x. It can perform both bindery and NDS functions. Features include: o Copies scripts from mail directories into NDS o Copies scripts from NDS into mail directories o Copies a file into NDS or the mail directories to become the login script. o Sets NDS scripts to 'include' the mail directory script o Creates mail directories for those users who do not have one, and grants the standard trustee rights [RWCEMF] o Views login scripts for users from NDS or mail directories o Can view and set login scripts for NDS profile objects, organizations and organizational units. o Corrects Mac names for mail directories. Novell's Install may not change the mail directory names in the Mac namespace during an upgrade (each mail directory is renamed as each user's ID changes). o Renaming mail directories after restoration of NDS via replication. Object IDs change when restoring so it is necessary to rename mail directories. To do this lscripts requires a file containing distinguished names and the object IDs before restoration. Listobj can create such a file. o List mail directories without a matching user o Can copy any file into each user's mail directory retaining the file name allowing lscripts to be used for tasks such as giving every user the same printcon.dat. Makememb The features are the same as the bindery based version. Mattach The features are the same as the bindery based version. Move_obj Move_obj moves NDS objects from one container to another. Objects can be moved individually, can be selected using wild cards, all members of a group may be moved, or a list of objects in a file may be moved. Netcopy The features are the same as the bindery based version. Openfile The features are the same as the bindery based version. Pqadd The features are the same as the bindery based version. Pqdel The features are the same as the bindery based version. Pqdeljob The features are the same as the bindery based version. Pqlist The features are the same as the bindery based version. Pqmovjob The features are the same as the bindery based version. Pqreljob The features are the same as the bindery based version. Pqstatus The features are the same as the bindery based version. Pqusers The features are the same as the bindery based version. Pradd Pradd works in NDS mode only allowing queues to be added to NDS printers. The default queue may be set, and priorities may be assigned to queues when adding them. Prdel Prdel works in NDS mode only allowing queues to be removed from NDS printers. The default queue may be removed, but NetWare will automatically make the first of the 'other' queues the default. Profiles Profiles adds profiles to users, replaces profiles for users or removes profiles for users. It can process a single user, or multiple selected via wild cards, group membership, or a list in a file. Profiles can create a profile object, but currently cannot assign a login script to it - use lscripts to do this. Psadd The NDS version has all the features of the bindery based version, but can also add printers to an NDS print server. Psdel The NDS version has all the features of the bindery based version, but can also remove printers to an NDS print server. Psusers The NDS version has all the features of the bindery based version, but can also list printers associated with an NDS print server. Renobj The features are the same as the bindery based version. Salvlist The features are the same as the bindery based version. Setacl Setacl can set, delete and view acls for a single object, multiple objects selected using wild cards, all members of a group, or for a list of objects in a file. It can process object acls, attribute acls and SMS acls. Setacl also allows you to add or delete en masse, objects' rights to one of their own properties. For example, it can grant each member of a group read access to his/her own login script. When viewing ACLs, by default all ACLs for each object are displayed, but output can be limited to ACLs for particular trustees, or for particular attributes. Setbal The NDS version has all the features of the bindery based version. It also allows the use of /x to process matching objects in the specified container AND all containers below it. Setcx Setcx scans an NDS tree for a given object, and if found, sets the default context to that in which the object was found. It functions with only browse rights for [Public] to [Root] which is granted by default at installation. Setcx will work from a NW 3.x server provided an NDS tree can be found. Where a preferred tree is not set in NET.CFG, a tree can be specified on the command line, but this feature cannot be used to override any existing connection to a tree. Sethome2 Sethome2 sets or deletes the contents of the "Home Directory" attribute under NDS. It can also o Set or delete each user's default server o Copy the home directory path from the HOME_DIR bindery property to the NDS "Home Directory" attribute Setname In addition to its bindery based functions, under NDS setname can set values for any attribute of any object, where the attribute value is ordinary text (specifically the attribute type is SYN_CI_STRING). This does not include attributes whose vales are NDS object names e.g. a group's MEMBERS attribute. Setname checks the schema to determine if the specified attribute is allowed for the specified object type, and that it is of the correct type. Setname can add multiple values where they are allowed, and can delete selected values. Setowner The features are the same as the bindery based version. Setpword The features are the same as the bindery based version. Setquota The features are the same as the bindery based version. Setrest The NDS version has similar features to the bindery based version. The following points should be noted. o NW 4.x allows station restrictions to be set for protocols other than IPX. Setrest currently sets only IPX restrictions. This limitation will be removed in a future release. o Setrest can process users in the specified container and all containers below it. o Setrest will use the value associated with a TZ environment variable to adjust date/time values to UTC time, if the variable is defined. The values for attributes such as last login time are stored in NDS in UTC (= GMT), and if a TZ variable is not defined, the values are assumed to be in the local time of the server to which you are connected. Sparse The features are the same as the bindery based version. Trstlist The features are the same as the bindery based version. When using /a which shows trustee rights inherited through security equivalence, the NDS version also lists trustees of each of the container objects forming the object's distinguished name. Every object is security equivalent to each of its parent objects. Usergrps The features are the same as the bindery based version. Users The features are the same as the bindery based version. Whodidit Whodidit has the same features as the bindery version. The option to output owners, updators and archivers in a form suitable for input to setowner is intended for use under NDS. This option may be useful if NDS is to be removed from a server and subsequently reinstated via backup or replication. All object IDs will change when NDS is reinstated with loss of file ownership, updaters and archivers, but they may be saved via whodidit and restored via setowner.